Friend Links
Preface
Software such as the Clash series (Clash Verge Rev, Clash Party with Mihomo core), Stash, and similar applications can implement traffic splitting at the proxy software level without relying on server-side splitting, which is more efficient and convenient. However, they generally require YAML configuration files, which undoubtedly presents the biggest challenge for beginners when encountering such software.
This tutorial is designed for beginners and primarily utilizes Sub-Store, a useful subscription/configuration file management tool.
Sub-Store Repository: https://github.com/sub-store-org/Sub-Store
Two deployment methods will be introduced: Docker installation and npm installation.
Docker Compose
Installing Docker
This will not be elaborated upon in detail. You can find comprehensive installation instructions on Docker’s official website: https://docs.docker.com/engine/install/
Set up Docker’s apt repository:
# Add Docker's official GPG key:
sudo apt-get update
sudo apt-get install ca-certificates curl
sudo install -m 0755 -d /etc/apt/keyrings
sudo curl -fsSL https://download.docker.com/linux/debian/gpg -o /etc/apt/keyrings/docker.asc
sudo chmod a+r /etc/apt/keyrings/docker.asc
# Add the repository to Apt sources:
echo \
"deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/debian \
$(. /etc/os-release && echo "$VERSION_CODENAME") stable" | \
sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
sudo apt-get updateInstall using apt:
sudo apt-get install docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-pluginConfiguring the compose.yml File
- Create a compose.yml file:
nano compose.yml- Write the YAML file:
version: "3.8"
services:
sub-store:
image: xream/sub-store:latest
container_name: sub-store
restart: always
volumes:
- /root/sub-store-data:/opt/app/data
environment:
- SUB_STORE_FRONTEND_BACKEND_PATH=/20-character random alphanumeric string (mixed case) for backend encryption
ports:
- 127.0.0.1:3001:3001
stdin_open: true
tty: trueNote:
/root/sub-store-datacan be replaced with your preferred location for storing Sub-Store data. Additionally, please record theSUB_STORE_FRONTEND_BACKEND_PATHvalue, as it will serve as the backend encryption key. The (mapped) port can be changed as needed.
- Execute:
docker compose pull
// Stop running containers (only those executed through docker compose; manually close any others using docker stop and docker rm)
docker compose down
docker compose up -d
// Remove outdated containers and images
docker system prune -f- To update Sub-Store in the future, simply execute the following commands in sequence:
docker compose pull
docker compose down
docker compose up -d
docker system prune -fReverse Proxy
Use Nginx or Caddy for reverse proxy configuration. The default port is 3001; if you’ve modified it, use your custom port. This won’t be elaborated upon in detail as it’s a simple reverse proxy setup. Here’s a basic example; add headers as needed:
your-desired-url (e.g., sub-store.xxx.com) (must be a domain you own) {
reverse_proxy http://127.0.0.1:3001
tls email-for-automatic-SSL-certificate {
dns cloudflare CloudFlare-API-Token
}
}Access
Your URL should be: https://your-Sub-Store-URL?api=https://your-Sub-Store-URL/20-character-alphanumeric-encryption-string
NPM
Environment Requirements
-
Update packages:
sudo apt update && apt upgrade -y -
Install unzip, wget, git:
sudo apt install unzip wget git -y -
Download and install fnm (Node.js version manager):
curl -fsSL https://fnm.vercel.app/install | bash -
Install Node.js:
fnm install v20.10.0 -
Install PNPM package manager:
curl -fsSL https://get.pnpm.io/install.sh | sh -
Installation
- Create Sub-Store installation directory and navigate to it:
mkdir -p /root/sub-store
cd sub-storeYou may choose and create your own directory.
- Download the Sub-Store backend script:
curl -fsSL https://github.com/sub-store-org/Sub-Store/releases/latest/download/sub-store.bundle.js -o sub-store.bundle.js
Different versions of the js file can be found at https://github.com/sub-store-org/Sub-Store/releases
unzip dist.zip && mv dist frontend && rm dist.zip
- Create the service:
vim /etc/systemd/system/sub-store.service
Modify and paste the following text according to your username and directory names:
[Unit]
Description=Sub-Store
After=network-online.target
Wants=network-online.target systemd-networkd-wait-online.service
[Service]
LimitNOFILE=32767
Type=simple
Environment="SUB_STORE_FRONTEND_BACKEND_PATH=/2cXaAxRGfddmGz2yx1wA"
Environment="SUB_STORE_BACKEND_CRON=0 0 * * *"
Environment="SUB_STORE_FRONTEND_PATH=/root/sub-store/frontend"
Environment="SUB_STORE_FRONTEND_HOST=0.0.0.0"
Environment="SUB_STORE_FRONTEND_PORT=3001"
Environment="SUB_STORE_DATA_BASE_PATH=/root/sub-store"
Environment="SUB_STORE_BACKEND_API_HOST=127.0.0.1"
Environment="SUB_STORE_BACKEND_API_PORT=3000"
ExecStart=/root/.local/share/fnm/fnm exec --using v20.10.0 node /root/sub-store/sub-store.bundle.js
User=root
Group=root
Restart=on-failure
RestartSec=5s
ExecStartPre=/bin/sh -c ulimit -n 51200
StandardOutput=journal
StandardError=journal
[Install]
WantedBy=multi-user.targetNote: In the line
Environment="SUB_STORE_FRONTEND_BACKEND_PATH=/2cXaAxRGfddmGz2yx1wA", the string2cXaAxRGfddmGz2yx1wAshould be changed to other complex content and kept confidential, as it will be used for API verification. If you’re unfamiliar with service units as configured above, do not modify parameters such as listening IPs, especially the backend API_HOST, as this could cause security breaches. In particular, do not expose port 3000 to the public internet.
Next, start the service:
systemctl start sub-store.service
Enable the service as a system service with auto-start on boot:
systemctl enable sub-store.service
Check the running status:
systemctl status sub-store.service
- Reverse Proxy
Same as the previous method; no further elaboration needed.
Building Your Own YAML Configuration File
Managing Your Proxies
In subscription management, you can view the proxy information you manage:
What you need to do is add all your links in the following location:
If you have remote connections (such as from proxy services), you can choose to import remote connections and add your links:
Afterward, you can return to the main page and open subscription management to view the different JSON files generated for different clients:
Writing Your Own YAML Configuration File
Navigate to file management and create a new local file:
Below is a sample YAML configuration:
mixed-port: 7890
allow-lan: false
mode: rule
log-level: info
dns:
enable: true
listen: 0.0.0.0:53
ipv6: false
enhanced-mode: fake-ip
fake-ip-range: 198.18.0.1/16
use-hosts: true
nameserver:
- 223.5.5.5
- 119.29.29.29
fallback:
- https://1.1.1.1/dns-query
- https://8.8.8.8/dns-query
fallback-filter:
geoip: true
geoip-code: CN
tun:
enable: true
stack: system
auto-detect-interface: true
proxy-providers:
substore:
type: http
url: "Enter your own managed subscription link"
interval: 120
path: ./providers/substore.yaml
health-check:
enable: true
url: http://cp.cloudflare.com/generate_204
interval: 600
# ===== Rules =====
rule-providers:
Google:
type: http
behavior: classical
path: ./ruleset/Google.yaml
url: https://raw.githubusercontent.com/blackmatrix7/ios_rule_script/master/rule/Clash/Google/Google.yaml
interval: 86400
# ===== Proxy Groups (add all nodes from providers) =====
proxy-groups:
- name: 🚀 Proxy
type: select
proxies:
- ♻️ Auto
- 🔧 Manual
- DIRECT
- name: ♻️ Auto
type: url-test
use:
- substore
url: http://cp.cloudflare.com/generate_204
interval: 300
- name: 🔧 Manual
type: select
use:
- substore
- name: 📱 Google
type: select
use:
- substore
# ===== Rules =====
rules:
# ===== Direct Connection =====
- DOMAIN-SUFFIX,local,DIRECT
- DOMAIN,localhost,DIRECT
- IP-CIDR,127.0.0.0/8,DIRECT
- IP-CIDR,10.0.0.0/8,DIRECT
- IP-CIDR,172.16.0.0/12,DIRECT
- IP-CIDR,192.168.0.0/16,DIRECT
- IP-CIDR,224.0.0.0/4,DIRECT
- GEOIP,CN,DIRECT
# ===== Google =====
- RULE-SET,Google,📱 Google
# All other traffic defaults to proxy
- MATCH,🌐 GlobalRemember to fill in your subscription link!!!